Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Kevin K Slow Computer

Post by keefnj » January 11th, 2011, 7:46 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:36:45 PM, on 1/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\AOL\1200167347\ee\AOLSoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\KEVINK~1\LOCALS~1\Temp\ConnectBGDL.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1200167347\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Cookie Washer\washidx.exe "Kevin Kolenut"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RegTool] C:\Program Files\RegTool\RegTool.exe -boot
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: CS Connect Background Services.lnk = C:\WinCSI\Tools\ConnectBGDL.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZDWlan.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll
O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll
O18 - Protocol: intu-help-qb3 - {C5E479EA-0A65-4B05-8C6C-2FC8CC682EB4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: OSCM Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 13662 bytes

32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X
AOL Registration
AOL Toolbar 5.0
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center
ATI Display Driver
Bonjour
Broadcom Management Programs
Conexant D850 56K V.9x DFVc Modem
Cookie Washer (AOL)
Critical Update for Windows Media Player 11 (KB959772)
Dell Support 3.2.1
Digital Line Detect
FileZilla Client 3.1.5
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 11.0
HP Imaging Device Functions 11.0
hp LaserJet 1160/1320 series
HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
HP Photosmart Essential 3.0
HP Smart Web Printing
HP Solution Center 11.0
HP Update
Infragisticsv62Install
Infragisticsv62Install
Infragisticsv62Install 2009
Infragisticsv62Install 2010
iTunes
J2SE Runtime Environment 5.0 Update 6
Kaspersky Online Scanner
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Basic 2007
Microsoft Office Basic 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual Studio 2005 Tools for Office Runtime
Mobile Broadband Generic Drivers
Modem Helper
Mozilla Firefox (3.6.10)
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NetWaiting
OCR Software by I.R.I.S. 11.0
Pdf995
PdfEdit995
Planner CS
PowerDVD
QuickBooks
QuickBooks Pro 2010
QuickBooks Product Listing Service
Quicken 2006
QuickTime
RealPlayer Basic
SearchAssist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SendSpace Wizard
Shop for HP Supplies
Signature995
Sony Picture Utility
Sprint Mobile Broadband (Novatel Wireless) - Lite
Spybot - Search & Destroy
SupportSoft Assisted Service
UltraTax 2003
UltraTax 2004
UltraTax CS 2005
UltraTax CS 2006
UltraTax CS 2007
UltraTax CS 2008
UltraTax CS 2009
UltraTax CS 2010
UltraTax Font Installer
UltraTax Planner
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB960763)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
URL Assistant
Viewpoint Media Player
Visual Studio 2005 Tools for Office Second Edition Runtime
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows Search 4.0
Windows XP Service Pack 3
WinZip 14.5
Wireless-G PCI Adapter
Yahoo! Toolbar
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

Post by deltalima » January 13th, 2011, 6:37 am

Hi keefnj.

Please let me know if the computer is used for home or for business use.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Kevin K Slow Computer

Post by keefnj » January 13th, 2011, 11:23 am

home

Re: Kevin K Slow Computer

Post by deltalima » January 13th, 2011, 4:08 pm

Hi keefnj,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your malware issue.

The logs can take some time to research, so please be patient with me.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow the gmer.sys driver to load, please consent.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE.
Important! Please do not select the "Show all" checkbox during the scan.

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

Re: Kevin K Slow Computer

Post by keefnj » January 14th, 2011, 12:21 pm

OTL logfile created on: 1/13/2011 10:07:55 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Kevin Kolenut\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 61.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.96 Gb Total Space | 106.59 Gb Free Space | 71.55% Space Free | Partition Type: NTFS

Computer Name: KEVIN | User Name: Kevin Kolenut | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Kevin Kolenut\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Kevin Kolenut\Local Settings\Temp\ConnectBGDL.exe (Thomson Reuters)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe (Sprint Spectrum, L.L.C)
PRC - C:\Program Files\AOL 9.0\waol.exe (AOL, LLC.)
PRC - C:\Program Files\AOL 9.0\shellmon.exe (AOL, LLC.)
PRC - C:\Program Files\Common Files\aol\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe (AOL LLC)
PRC - C:\Program Files\Common Files\aol\1200167347\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Kevin Kolenut\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\AOL 9.0\idleproc.dll (AOL, LLC.)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (hpqddsvc) -- C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqcxs08) -- C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (OSCM Utility Service) -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe (Sprint Spectrum, L.L.C)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)


========== Driver Services (SafeList) ==========

DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (NWUSBPort2) -- C:\WINDOWS\system32\drivers\nwusbser2.sys (Novatel Wireless Inc.)
DRV - (NWUSBPort) -- C:\WINDOWS\system32\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem) -- C:\WINDOWS\system32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (NdisWDM) -- C:\WINDOWS\system32\drivers\NdisWDM.sys (Broadcom Corporation)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NWUSBCDFIL) -- C:\WINDOWS\system32\drivers\NwUsbCdFil.sys (Novatel Wireless Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atiide) -- C:\WINDOWS\system32\DRIVERS\atiide.sys (ATI Technologies Inc.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (DSproct) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk- ... channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=del ... bd=3070815


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=3070815
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk- ... channel=us
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cli ... bd=3070815
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/01/12 19:17:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/14 15:08:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/26 09:42:38 | 000,000,000 | ---D | M]

[2010/01/27 11:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin Kolenut\Application Data\Mozilla\Extensions
[2010/12/20 18:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin Kolenut\Application Data\Mozilla\Firefox\Profiles\xc6qwuwo.default\extensions
[2010/01/27 11:36:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kevin Kolenut\Application Data\Mozilla\Firefox\Profiles\xc6qwuwo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/27 11:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2008/04/16 14:12:53 | 000,231,215 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8105 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1200167347\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006..\Run: [RegTool] File not found
O4 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKLM..\RunServicesOnce: [washindex] C:\Program Files\Cookie Washer\washidx.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CS Connect Background Services.lnk = C:\WinCSI\Tools\ConnectBGDL.exe (Thomson Reuters)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ZDWlan.lnk = File not found
O4 - Startup: C:\Documents and Settings\Kevin Kolenut\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2945386698-2556118024-1351971877-1006\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.2
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Kevin Kolenut\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kevin Kolenut\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1d7dc920-c07d-11dc-a783-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{1d7dc920-c07d-11dc-a783-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1d7dc920-c07d-11dc-a783-00038a000015}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{574349c7-a9b9-11dc-a77c-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{574349c7-a9b9-11dc-a77c-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{574349c7-a9b9-11dc-a77c-00038a000015}\Shell\AutoRun\command - "" = F:\LiteAuto.exe
O33 - MountPoints2\{c103e326-51bf-11dd-a7ec-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{c103e326-51bf-11dd-a7ec-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c103e326-51bf-11dd-a7ec-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/13 22:07:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kevin Kolenut\Desktop\OTL.exe
[2011/01/13 18:33:49 | 441,964,008 | ---- | C] (Thomson ReutersTax & Accounting ) -- C:\Documents and Settings\Kevin Kolenut\Desktop\utdownload_2010_3_0.exe
[2011/01/11 22:51:32 | 279,277,912 | ---- | C] (Thomson ReutersTax & Accounting ) -- C:\Documents and Settings\Kevin Kolenut\Desktop\utdownload_2010_2_0.exe
[2011/01/11 18:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/11 18:34:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin Kolenut\Start Menu\Programs\HiJackThis
[2010/12/20 13:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin Kolenut\My Documents\JMehalickLBL$500kPNTCURRENTAGEUL100
[2010/12/20 13:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin Kolenut\My Documents\photo
[2010/12/16 11:56:27 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/16 11:47:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/13 22:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kevin Kolenut\Desktop\OTL.exe
[2011/01/13 21:28:54 | 000,001,427 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraTax CS 2010 Source Data Entry.lnk
[2011/01/13 21:28:18 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CS Connect Background Services.lnk
[2011/01/13 21:28:18 | 000,001,402 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraTax CS 2010.lnk
[2011/01/13 21:20:03 | 441,964,008 | ---- | M] (Thomson ReutersTax & Accounting ) -- C:\Documents and Settings\Kevin Kolenut\Desktop\utdownload_2010_3_0.exe
[2011/01/13 21:11:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/13 13:11:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/13 12:00:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\RegTool Scan.job
[2011/01/13 09:44:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Ÿ=Ÿ=
[2011/01/13 09:42:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/13 09:42:25 | 2111,803,392 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/12 14:53:02 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/12 10:12:35 | 279,277,912 | ---- | M] (Thomson ReutersTax & Accounting ) -- C:\Documents and Settings\Kevin Kolenut\Desktop\utdownload_2010_2_0.exe
[2011/01/11 19:43:51 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\Microsoft Office Word 2007.lnk
[2011/01/11 18:39:37 | 000,002,463 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\HiJackThis.lnk
[2011/01/11 13:58:54 | 000,488,273 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\doc20110111103728.pdf
[2011/01/10 21:15:02 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\Winter_Reading_Schedule_11_97.doc
[2011/01/10 20:53:08 | 000,045,619 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\NJWTFlyer(Jan112011).pdf
[2011/01/10 10:01:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/22 18:43:57 | 002,097,664 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\SkylandsElectric,LLC(Portable).qbm
[2010/12/22 18:26:15 | 000,090,438 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\Inv_101001_from_Chadwick_I.pdf
[2010/12/22 17:56:30 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\QUARTERLYMAINTENANCEFEEREMINDER5.doc
[2010/12/21 18:30:20 | 001,404,825 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\JMehalickLBL$500kPNTCURRENTAGEUL100.zip
[2010/12/21 16:21:15 | 000,001,418 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraTax CS 2009 Bar Code Scan.lnk
[2010/12/21 16:20:49 | 000,001,402 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraTax CS 2009.lnk
[2010/12/20 13:49:22 | 000,124,288 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\photo.zip
[2010/12/20 13:48:12 | 000,682,079 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\Scan_Doc0006.pdf
[2010/12/17 14:14:37 | 000,128,337 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\121720101143525848310805.pdf
[2010/12/17 13:56:17 | 009,355,264 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\Estate of Stephen Stefiuk (Backup Dec 17,2010 01 56 PM).QBB
[2010/12/17 11:27:42 | 000,163,542 | ---- | M] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\lp32-20101216203619167-00004_95.rtf
[2010/12/17 11:13:24 | 000,216,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/17 07:23:37 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/13 21:28:54 | 000,001,427 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\UltraTax CS 2010 Source Data Entry.lnk
[2011/01/11 18:34:38 | 000,002,463 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\HiJackThis.lnk
[2011/01/11 13:58:19 | 000,488,273 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\doc20110111103728.pdf
[2011/01/10 21:15:00 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\Winter_Reading_Schedule_11_97.doc
[2011/01/10 20:53:05 | 000,045,619 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\NJWTFlyer(Jan112011).pdf
[2010/12/22 18:43:32 | 002,097,664 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\SkylandsElectric,LLC(Portable).qbm
[2010/12/22 18:26:11 | 000,090,438 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\Inv_101001_from_Chadwick_I.pdf
[2010/12/22 17:56:28 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\QUARTERLYMAINTENANCEFEEREMINDER5.doc
[2010/12/20 13:50:31 | 001,404,825 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\JMehalickLBL$500kPNTCURRENTAGEUL100.zip
[2010/12/20 13:49:18 | 000,124,288 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\photo.zip
[2010/12/20 13:47:54 | 000,682,079 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\Scan_Doc0006.pdf
[2010/12/17 14:14:35 | 000,128,337 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\My Documents\121720101143525848310805.pdf
[2010/12/17 13:56:06 | 009,355,264 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\Estate of Stephen Stefiuk (Backup Dec 17,2010 01 56 PM).QBB
[2010/12/17 11:27:37 | 000,163,542 | ---- | C] () -- C:\Documents and Settings\Kevin Kolenut\Desktop\lp32-20101216203619167-00004_95.rtf
[2009/12/09 16:37:27 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2009/09/04 11:21:10 | 009,195,520 | ---- | C] () -- C:\Program Files\Citron Enterprises, Inc (Backup).QBB
[2009/08/26 10:23:02 | 000,000,028 | ---- | C] () -- C:\WINDOWS\qbwcd.ini
[2009/08/26 10:15:39 | 000,001,131 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/08/26 10:15:17 | 000,001,385 | ---- | C] () -- C:\WINDOWS\QfnOnl.ini
[2009/08/26 10:15:00 | 000,000,362 | ---- | C] () -- C:\WINDOWS\QDQICK.INI
[2009/08/26 10:15:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ACCWIZ.INI
[2009/08/26 10:15:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\QFNOA.INI
[2009/01/12 19:12:02 | 000,002,891 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

by keefnj » January 14th, 2011, 12:22 pm

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-14 11:06:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 ST3160815AS rev.3.ADA
Running: yer42wzy.exe; Driver: C:\DOCUME~1\KEVINK~1\LOCALS~1\Temp\axtdqpod.sys


---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB711BA00]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[1340] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \Fat B268BD20

---- EOF - GMER 1.0.15 ----
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

by deltalima » January 14th, 2011, 2:23 pm

Hi keefnj,

No Anti-virus Software Installed!
Looking over your log ... there is NO evidence of anti-virus software installed. This puts you at serious risk.
Anti-virus software will help detect, cleanse, and erase harmful virus files on a computer, Web server, or network.
Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories.

To protect your computer from infection... download a (free for personal use) anti-virus program from one of these reliable vendors.

  1. Antivir PersonalEdition Classic - Superior detection, the "free" version has no email scan.
  2. avast! Free Antivirus - Excellent detection, the freeware version includes email scanning.
  3. Microsoft Security Essentials ** - New, from Microsoft, with email scanning, easy to install, easy to use.
    ** Your PC must run genuine Windows to install Microsoft Security Essentials.


Installing a new AV product.
Do NOT uninstall any existing anti-virus product yet!
  1. Download the new Anti-virus product to your computer.
  2. Save any work. Close all applications, especially your Internet connection.
  3. Uninstall any existing anti-virus product... Use the AV uninstall option if available.
  4. Reboot your computer, if not done during the uninstall.
  5. Install the new AV product... following installation instructions.
  6. Check for updates to the new AV product, if not done during install setup.
  7. Run a full scan of your computer.


Please post the log from the full scan in your next reply.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Kevin K Slow Computer

by keefnj » January 15th, 2011, 2:34 pm

*
* avast! Scan Report
* This file is generated automatically
*
* Scan name: Quick scan
* Started on: Saturday, January 15, 2011 1:12:38 PM
* VPS: 110115-0, 01/15/2011
*

Infected files: 0
Total files: 73282
Total folders: 18005
Total size: 20.8 GB

*
* Scan stopped: Saturday, January 15, 2011 1:32:17 PM
* Run-time was 19 minute(s), 39 second(s)
*
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

by deltalima » January 15th, 2011, 2:57 pm

Hi keefnj,

Update Java Runtime
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 23.
  • Download the latest version of Java Runtime Environment (JRE) 6 Here
  • Scroll down to where it says "JDK 6 Update 23 (JDK or JRE)"
  • Click the orange Download JRE button to the right
  • Select the Windows platform from the dropdown menu
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue. The page will refresh
  • Click on the link to download Windows Offline Installation & save the file to your desktop
  • Close any programs you may have running - especially your web browser
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version
  • Reboot your computer once all Java components are removed
  • Then from your desktop double-click on jre-6u23-windows-i586-p.exe to install the newest version

Malwarebytes Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and select then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please post that log in your next reply.
The log can also be found here:
  1. Launch Malwarebytes' Anti-Malware
  2. Click on the Logs radio tab.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

MBRCheck

Please download MBRCheck.exe to your desktop.
  • Double-click on MBRCheck.exe to run it.
  • It will show a Black screen with some information.
  • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file in your next reply.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Kevin K Slow Computer

by keefnj » January 16th, 2011, 12:42 pm

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5532

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/16/2011 11:23:52 AM
mbam-log-2011-01-16 (11-23-41).txt

Scan type: Quick scan
Objects scanned: 154222
Time elapsed: 10 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 205

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RegTool (Rogue.RegTool) -> Value: RegTool -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\kevin kolenut\application data\RegTool (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\Logs (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410 (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-12 12-00-390 (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-14 10-47-150 (Rogue.RegTool) -> No action taken.

Files Infected:
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-59.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-6.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-60.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-62.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-63.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-64.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-65.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-66.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-67.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-68.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-69.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-7.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-70.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-71.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-72.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-73.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-74.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-75.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-76.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-77.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-78.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-79.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-80.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-81.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-82.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-83.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-84.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-85.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-86.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-87.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-88.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-89.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-9.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-90.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-91.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-92.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-93.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-94.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-95.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-96.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-97.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-98.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-99.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-114.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-132.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-150.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-169.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-25.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-43.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-61.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-8.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-115.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-116.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-117.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-118.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-119.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-12.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-120.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-121.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-122.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-123.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-124.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-125.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-126.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-127.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-128.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-129.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-13.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-130.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-131.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-133.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-134.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-135.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-136.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-137.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-138.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-139.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-14.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-140.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-141.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-142.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-143.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-144.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-145.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-146.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-147.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-148.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-149.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-15.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-151.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-152.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-153.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-154.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-155.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-156.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-157.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-158.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-159.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-16.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-160.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-161.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-162.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-163.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-164.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-165.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-166.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-167.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-168.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-17.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-170.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-171.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-172.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-173.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-174.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-175.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-176.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-177.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-178.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-179.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-18.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-19.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-2.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-20.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-21.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-22.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-23.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-08 21-10-410\regb-24.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-12 12-00-390\filelist.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-12 12-00-390\regb-0.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-12 12-00-390\regb-1.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-12 12-00-390\regb-2.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-14 10-47-150\filelist.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-14 10-47-150\regb-0.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-14 10-47-150\regb-1.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\kevin kolenut\application data\RegTool\quarantinew\2009-02-14 10-47-150\regb-2.db (Rogue.RegTool) -> No action taken.

Note: all infected items were removed after the log was written.
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

Post by keefnj » January 16th, 2011, 12:45 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000002c

Kernel Drivers (total 140):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xBA0A8000 wsoxd.sys
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0B8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0C8000 MountMgr.sys
0xB9F49000 ftdisk.sys
0xBA330000 PartMgr.sys
0xBA671000 atiide.sys
0xBA0D8000 VolSnap.sys
0xB9F31000 atapi.sys
0xBA0E8000 disk.sys
0xBA0F8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9F11000 fltmgr.sys
0xB9EFF000 sr.sys
0xBA108000 PxHelp20.sys
0xB9EE8000 KSecDD.sys
0xB9E5B000 Ntfs.sys
0xB9E2E000 NDIS.sys
0xB9E14000 Mup.sys
0xBA2D8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9568000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB9554000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA2E8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA2F8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA308000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB9531000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA498000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xBA4A0000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB950D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA4A8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB94E5000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB94D1000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA318000 \SystemRoot\system32\DRIVERS\serial.sys
0xB9DBF000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB949D000 \SystemRoot\system32\DRIVERS\HSFHWBS2.sys
0xB939E000 \SystemRoot\system32\DRIVERS\HSF_DP.sys
0xB92F7000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xBA4B0000 \SystemRoot\System32\Drivers\Modem.SYS
0xBA128000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xBA784000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA138000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB9DBB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB92E0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA148000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA158000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA340000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB92CF000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA168000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA368000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA370000 \SystemRoot\system32\DRIVERS\raspti.sys
0xBA378000 \SystemRoot\system32\DRIVERS\wanatw4.sys
0xBA178000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA380000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA388000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA5FC000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9271000 \SystemRoot\system32\DRIVERS\update.sys
0xB9747000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA198000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA1D8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA60E000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB9727000 \SystemRoot\system32\drivers\MODEMCSA.sys
0xB70CF000 \SystemRoot\system32\drivers\ADIHdAud.sys
0xB70AB000 \SystemRoot\system32\drivers\portcls.sys
0xBA238000 \SystemRoot\system32\drivers\drmk.sys
0xB704B000 \SystemRoot\system32\drivers\Senfilt.sys
0xBA564000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xBA616000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA79A000 \SystemRoot\System32\Drivers\Null.SYS
0xBA618000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA3C0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xBA3C8000 \SystemRoot\System32\drivers\vga.sys
0xBA61A000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA61C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA3D0000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA3D8000 \SystemRoot\System32\Drivers\Npfs.SYS
0xBA56C000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB6F5E000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB6F05000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xBA258000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB6EDF000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xBA288000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB6E8F000 \SystemRoot\system32\DRIVERS\netbt.sys
0xBA3F0000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xB6E6D000 \SystemRoot\System32\drivers\afd.sys
0xBA2B8000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB6E42000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB6DD2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA2C8000 \SystemRoot\System32\Drivers\Fips.SYS
0xB6D44000 \SystemRoot\System32\Drivers\aswSP.SYS
0xBA590000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB91A6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xBA410000 \SystemRoot\system32\DRIVERS\dot4usb.sys
0xB6C71000 \SystemRoot\system32\DRIVERS\Dot4.sys
0xBA438000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xBA440000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xBA5A0000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xBA448000 \SystemRoot\system32\DRIVERS\point32.sys
0xBA5A4000 \SystemRoot\system32\DRIVERS\Dot4Prt.sys
0xB9DDB000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB711C000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xBA478000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xBA480000 \SystemRoot\system32\DRIVERS\HPZius12.sys
0xBA488000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB9176000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB9166000 \SystemRoot\system32\DRIVERS\HPZid412.sys
0xBA554000 \SystemRoot\system32\DRIVERS\HPZipr12.sys
0xB6BB0000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA66A000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB6ED3000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA490000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA74C000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF055000 \SystemRoot\System32\ati2cqag.dll
0xBF09D000 \SystemRoot\System32\atikvmag.dll
0xBF0E3000 \SystemRoot\System32\ati3duag.dll
0xBF331000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xBA53C000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xB4854000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB4691000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB3D2C000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB3CEF000 \SystemRoot\system32\drivers\wdmaud.sys
0xB4159000 \SystemRoot\system32\drivers\sysaudio.sys
0xBA668000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xB39EE000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xB382D000 \SystemRoot\system32\DRIVERS\srv.sys
0xB2903000 \SystemRoot\System32\Drivers\HTTP.sys
0xBA654000 \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
0xB27BA000 \SystemRoot\system32\DRIVERS\ndiswdm.sys
0xB26EF000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 65):
0 System Idle Process
4 System
564 C:\WINDOWS\system32\smss.exe
764 csrss.exe
792 C:\WINDOWS\system32\winlogon.exe
840 C:\WINDOWS\system32\services.exe
852 C:\WINDOWS\system32\lsass.exe
1024 C:\WINDOWS\system32\ati2evxx.exe
1044 C:\WINDOWS\system32\svchost.exe
1108 svchost.exe
1152 C:\WINDOWS\system32\svchost.exe
1268 svchost.exe
1308 svchost.exe
1512 C:\WINDOWS\system32\ati2evxx.exe
1684 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1860 C:\WINDOWS\explorer.exe
260 C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
276 C:\Program Files\Analog Devices\Core\smax4pnp.exe
284 C:\Program Files\Real\RealPlayer\realplay.exe
304 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
364 C:\Program Files\Common Files\aol\1200167347\ee\aolsoftware.exe
372 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
392 C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\HP Software Update\hpwuSchd2.exe
424 C:\Program Files\QuickTime\QTTask.exe
436 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
464 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
348 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
636 C:\Program Files\Common Files\Java\Java Update\jusched.exe
680 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
696 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
704 C:\Program Files\Dell Support\DSAgnt.exe
712 C:\WINDOWS\system32\ctfmon.exe
872 C:\Program Files\Digital Line Detect\DLG.exe
916 C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe
996 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
1116 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
1176 C:\Program Files\WinZip\WZQKPICK.EXE
1252 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
1508 C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
1568 C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
1820 C:\WINDOWS\system32\spoolsv.exe
2116 svchost.exe
2152 C:\Program Files\Common Files\aol\ACS\AOLacsd.exe
2296 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
2372 C:\Program Files\Bonjour\mDNSResponder.exe
2456 C:\WINDOWS\system32\svchost.exe
2504 C:\Program Files\Java\jre6\bin\jqs.exe
2660 C:\WINDOWS\system32\svchost.exe
2684 C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
2704 C:\WINDOWS\system32\svchost.exe
2728 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
2844 C:\WINDOWS\system32\svchost.exe
3072 C:\WINDOWS\system32\searchindexer.exe
3104 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
156 C:\WINDOWS\system32\wuauclt.exe
4064 alg.exe
3092 C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqste08.exe
1948 C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqbam08.exe
2168 C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqgpc01.exe
1840 C:\WINDOWS\system32\svchost.exe
1924 C:\Program Files\AOL 9.0\waol.exe
2520 C:\Program Files\AOL 9.0\shellmon.exe
616 C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
3464 C:\WINDOWS\system32\notepad.exe
2940 C:\Documents and Settings\Kevin Kolenut\Local Settings\Temporary Internet Files\Content.IE5\8MJ3K3M5\MBRCheck[1].exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02738a00 (NTFS)

PhysicalDrive0 Model Number: ST3160815AS, Rev: 3.ADA

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

Unread postby deltalima » January 16th, 2011, 1:20 pm

Hi keefnj,

Please run Malwarebytes again and when the scan has completed select Remove Selected and post the log in your next reply.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Kevin K Slow Computer

Unread postby keefnj » January 16th, 2011, 2:48 pm

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5532

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/16/2011 12:31:34 PM
mbam-log-2011-01-16 (12-31-34).txt

Scan type: Quick scan
Objects scanned: 155242
Time elapsed: 9 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm

Re: Kevin K Slow Computer

Unread postby deltalima » January 16th, 2011, 3:04 pm

Hi keefnj,

If you do not use Windows Search 4.0, I would remove it as follows:

  • Click Start, point to Settings, and then click Control Panel.
  • In Control Panel, double-click Add or Remove Programs.
  • In Add or Remove Programs,
    highlight Windows Search 4.0
    click Remove
  • Close the Add or Remove Programs and the Control Panel windows.

As it can cause the computer to run slowly.

Please reboot the computer.

ESET Online Scanner

  • Please go Here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Please let me know how the computer is running now.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Kevin K Slow Computer

Unread postby keefnj » January 16th, 2011, 10:34 pm

Can't print ESET Online Scanner Log but here it is:

No Threats Found
Infected Files 0
Cleaned Files 0
Scan Time 1:04:27
Scan Status Finished
keefnj
Active Member
 
Posts: 13
Joined: January 22nd, 2008, 10:45 pm